Live
* [CVE-2026-40092] High 🟠 CVE-2026-40092: High Schwachstelle* [CVE-2026-9144] High 🟠 CVE-2026-9144: High Schwachstelle* [CVE-2026-40165] High 🟠 CVE-2026-40165: High Schwachstelle* [CVE-2026-9141] Critical 🔴 CVE-2026-9141: Critical Schwachstelle* Grafana breach caused by missed token rotation after TanStack attack* Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt* ⚡ Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More* INTERPOL Operation Ramz Disrupts MENA Cybercrime Networks with 201 Arrests* The New Phishing Click: How OAuth Consent Bypasses MFA* Agent AI is Coming. Are You Ready?* [CVE-2026-40092] High 🟠 CVE-2026-40092: High Schwachstelle* [CVE-2026-9144] High 🟠 CVE-2026-9144: High Schwachstelle* [CVE-2026-40165] High 🟠 CVE-2026-40165: High Schwachstelle* [CVE-2026-9141] Critical 🔴 CVE-2026-9141: Critical Schwachstelle* Grafana breach caused by missed token rotation after TanStack attack* Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt* ⚡ Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More* INTERPOL Operation Ramz Disrupts MENA Cybercrime Networks with 201 Arrests* The New Phishing Click: How OAuth Consent Bypasses MFA* Agent AI is Coming. Are You Ready?

Autor: admin

CVE Medium

Webworm Deploys EchoCreep and GraphWorm Backdoors Using Discord and MS Graph API

Cybersecurity researchers have flagged fresh activity from a China-aligned threat actor known as Webworm in 2025, deploying custom...

21.05.2026
CVE Medium

GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension

GitHub on Wednesday officially confirmed that the breach of its internal repositories was the result of a compromise...

21.05.2026
CVE Medium

Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks

Microsoft on Tuesday said it disrupted a malware-signing-as-a-service (MSaaS) operation that weaponized the company's Artifact Signing system to...

21.05.2026
CVE Medium

9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros

Cybersecurity researchers have disclosed details of a vulnerability in the Linux kernel that remained undetected for nine years....

21.05.2026
CVE Medium

Developer Workstations Are Now Part of the Software Supply Chain

Supply chain attackers are not only trying to slip malicious code into trusted software. They are trying to...

21.05.2026
CVE Medium

When Identity is the Attack Path

Consider a cached access key on a single Windows machine. It got there the way most cached credentials...

21.05.2026
CVE Critical

Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks

Drupal has released security updates for a "highly critical" security vulnerability in Drupal Core that could be exploited...

21.05.2026
CVE Medium

Microsoft Warns of Two Actively Exploited Defender Vulnerabilities

Microsoft has disclosed that a privilege escalation and a denial-of-service flaw in Defender has come under active exploitation...

21.05.2026
CVE-2026-7613 High

🟠 CVE-2026-7613: High Schwachstelle

The Cost of Goods by PixelYourSite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'csvdata[0][cost_of_goods_value]'...

21.05.2026 CVSS 7.2 Kein Patch
CVE-2026-39850 High

🟠 CVE-2026-39850: High Schwachstelle

Yii 2 is a PHP application framework. Versions 2.0.54 and prior contain flawed logic in the core view...

21.05.2026 CVSS 7.4 Kein Patch